CVE-2024-40114
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
02/06/2025
Last modified:
24/06/2025
Description
A Cross Site Scripting (XSS) vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before allows an attacker to manipulate the language cookie to inject malicious JavaScript code.
Impact
Base Score 3.x
6.10
Severity 3.x
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:sitecom:wlx-2006_firmware:*:*:*:*:*:*:*:* | 1.5 (including) | |
cpe:2.3:h:sitecom:wlx-2006:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page